CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 1999(Gain Privilege)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2000-0373 +Priv 1999-06-01 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Vulnerabilities in the KDE kvt terminal program allow local users to gain root privileges.
2 CVE-2000-0367 +Priv 1999-02-18 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Vulnerability in eterm 0.8.8 in Debian GNU/Linux allows an attacker to gain root privileges.
3 CVE-2000-0363 +Priv 1999-10-22 2008-09-10
6.2
Admin Local High Not required Complete Complete Complete
Linux cdwtools 093 and earlier allows local users to gain root privileges via the /tmp directory.
4 CVE-2000-0362 Overflow +Priv 1999-10-22 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflows in Linux cdwtools 093 and earlier allows local users to gain root privileges.
5 CVE-2000-0100 +Priv 1999-12-29 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
The SMS Remote Control program is installed with insecure permissions, which allows local users to gain privileges by modifying or replacing the program.
6 CVE-2000-0040 +Priv 1999-12-23 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command.
7 CVE-2000-0037 +Priv 1999-12-28 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file.
8 CVE-2000-0035 +Priv 1999-12-28 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
resend command in Majordomo allows local users to gain privileges via shell metacharacters.
9 CVE-2000-0029 +Priv 1999-12-27 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
UnixWare pis and mkpis commands allow local users to gain privileges via a symlink attack.
10 CVE-2000-0027 +Priv 1999-12-27 2008-09-10
6.2
Admin Local High Not required Complete Complete Complete
IBM Network Station Manager NetStation allows local users to gain privileges via a symlink attack.
11 CVE-2000-0018 +Priv 1999-12-22 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
wmmon in FreeBSD allows local users to gain privileges via the .wmmonrc configuration file.
12 CVE-2000-0017 Overflow +Priv 1999-12-21 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter.
13 CVE-2000-0015 +Priv 1999-12-31 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
CascadeView TFTP server allows local users to gain privileges via a symlink attack.
14 CVE-2000-0013 +Priv 1999-12-31 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program.
15 CVE-2000-0005 +Priv 1999-01-02 2009-03-04
7.2
Admin Local Low Not required Complete Complete Complete
HP-UX aserver program allows local users to gain privileges via a symlink attack.
16 CVE-2000-0003 Overflow +Priv 1999-12-30 2008-09-10
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable.
17 CVE-1999-1589 +Priv 1999-12-31 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Unspecified vulnerability in crontab in IBM AIX 3.2 allows local users to gain root privileges via unknown attack vectors.
18 CVE-1999-1586 +Priv 1999-12-31 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
loadmodule in SunOS 4.1.x, as used by xnews, does not properly sanitize its environment, which allows local users to gain privileges, a different vulnerability than CVE-1999-1584.
19 CVE-1999-1585 +Priv 1999-12-31 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
The (1) rcS and (2) mountall programs in Sun Solaris 2.x, possibly before 2.4, start a privileged shell on the system console if fsck fails while the system is booting, which allows attackers with physical access to gain root privileges.
20 CVE-1999-1584 +Priv 1999-12-31 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Unknown vulnerability in (1) loadmodule, and (2) modload if modload is installed with setuid/setgid privileges, in SunOS 4.1.1 through 4.1.3c, and Open Windows 3.0, allows local users to gain root privileges via environment variables, a different vulnerability than CVE-1999-1586.
21 CVE-1999-1573 +Priv 1999-12-28 2009-03-04
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple unknown vulnerabilities in the "r-cmnds" (1) remshd, (2) rexecd, (3) rlogind, (4) rlogin, (5) remsh, (6) rcp, (7) rexec, and (8) rdist for HP-UX 10.00 through 11.00 allow attackers to gain privileges or access files.
22 CVE-1999-1571 Overflow +Priv 1999-11-04 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570.
23 CVE-1999-1561 +Priv 1999-08-20 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Nullsoft SHOUTcast server stores the administrative password in plaintext in a configuration file (sc_serv.conf), which could allow a local user to gain administrative privileges on the server.
24 CVE-1999-1536 +Priv 1999-07-30 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
.sbstart startup script in AcuShop Salesbuilder is world writable, which allows local users to gain privileges by appending commands to the file.
25 CVE-1999-1482 +Priv 1999-02-19 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
SVGAlib zgv 3.0-7 and earlier allows local users to gain root access via a privilege leak of the iopl(3) privileges to child processes.
26 CVE-1999-1475 +Priv 1999-11-19 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command.
27 CVE-1999-1470 +Priv 1999-06-24 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Eastman Work Management 3.21 stores passwords in cleartext in the COMMON and LOCATOR registry keys, which could allow local users to gain privileges.
28 CVE-1999-1458 Overflow +Priv 1999-01-25 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in at program in Digital UNIX 4.0 allows local users to gain root privileges via a long command line argument.
29 CVE-1999-1450 +Priv 1999-01-27 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Vulnerability in (1) rlogin daemon rshd and (2) scheme on SCO UNIX OpenServer 5.0.5 and earlier, and SCO UnixWare 7.0.1 and earlier, allows remote attackers to gain privileges.
30 CVE-1999-1414 +Priv 1999-05-25 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
IBM Netfinity Remote Control allows local users to gain administrator privileges by starting programs from the process manager, which runs with system level privileges.
31 CVE-1999-1382 +Priv 1999-12-31 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by changing the ownership of a file to root, which allows local users to gain root privileges by creating a setuid program and setting it to "Read Only," which NetWare-NFS changes to a setuid root program.
32 CVE-1999-1372 +Priv 1999-02-19 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
Triactive Remote Manager with Basic authentication enabled stores the username and password in cleartext in registry keys, which could allow local users to gain privileges.
33 CVE-1999-1371 Overflow +Priv 1999-03-08 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local users to gain privileges via a long string in the terminal name argument.
34 CVE-1999-1369 +Priv 1999-04-14 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
Real Media RealServer (rmserver) 6.0.3.353 stores a password in plaintext in the world-readable rmserver.cfg file, which allows local users to gain privileges.
35 CVE-1999-1365 +Priv Bypass 1999-06-28 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Windows NT searches a user's home directory (%systemroot% by default) before other directories to find critical programs such as NDDEAGNT.EXE, EXPLORER.EXE, USERINIT.EXE or TASKMGR.EXE, which could allow local users to bypass access restrictions or gain privileges by placing a Trojan horse program into the root directory, which is writable by default.
36 CVE-1999-1352 +Priv 1999-09-28 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
mknod in Linux 2.2 follows symbolic links, which could allow local users to overwrite files or gain privileges.
37 CVE-1999-1350 +Priv 1999-09-29 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
ARCAD Systemhaus 0.078-5 installs critical programs and files with world-writeable permissions, which could allow local users to gain privileges by replacing a program with a Trojan horse.
38 CVE-1999-1340 Overflow +Priv 1999-11-04 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in faxalter in hylafax 4.0.2 allows local users to gain privileges via a long -m command line argument.
39 CVE-1999-1337 +Priv 1999-08-01 2008-09-10
4.6
None Local Low Not required Partial Partial Partial
FTP client in Midnight Commander (mc) before 4.5.11 stores usernames and passwords for visited sites in plaintext in the world-readable history file, which allows other local users to gain privileges.
40 CVE-1999-1329 Overflow +Priv 1999-12-31 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges.
41 CVE-1999-1327 Overflow +Priv 1999-12-31 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in linuxconf 1.11r11-rh2 on Red Hat Linux 5.1 allows local users to gain root privileges via a long LANG environmental variable.
42 CVE-1999-1325 +Priv 1999-12-31 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
SAS System 5.18 on VAX/VMS is installed with insecure permissions for its directories and startup file, which allows local users to gain privileges.
43 CVE-1999-1320 +Priv 1999-12-31 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Vulnerability in Novell NetWare 3.x and earlier allows local users to gain privileges via packet spoofing.
44 CVE-1999-1317 +Priv 1999-12-31 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Windows NT 4.0 SP4 and earlier allows local users to gain privileges by modifying the symbolic link table in the \?? object folder using a different case letter (upper or lower) to point to a different device.
45 CVE-1999-1315 DoS +Priv 1999-12-31 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Vulnerabilities in DECnet/OSI for OpenVMS before 5.8 on DEC Alpha AXP and VAX/VMS systems allow local users to gain privileges or cause a denial of service.
46 CVE-1999-1307 +Priv 1999-12-31 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges.
47 CVE-1999-1247 1 +Priv 1999-02-24 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Vulnerability in HP Camera component of HP DCE/9000 in HP-UX 9.x allows attackers to gain root privileges.
48 CVE-1999-1246 +Priv 1999-12-31 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Direct Mailer feature in Microsoft Site Server 3.0 saves user domain names and passwords in plaintext in the TMLBQueue network share, which has insecure default permissions, allowing remote attackers to read the passwords and gain privileges.
49 CVE-1999-1236 +Priv 1999-10-01 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Internet Anywhere Mail Server 2.3.1 stores passwords in plaintext in the msgboxes.dbf file, which could allow local users to gain privileges by extracting the passwords from msgboxes.dbf.
50 CVE-1999-1171 +Priv 1999-02-02 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
IPswitch WS_FTP allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920.
Total number of vulnerabilities : 102   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.